Skip to content

Adding an Active Directory Application

In order to integrate with Active Directory, first create an application entry in Data Access Security. This entry includes the identification, connection details, and other parameters necessary to create the link.

To add an application, use the New Application Wizard.

  1. Go to Admin > Applications.
  2. Select Add New to open the wizard.
  3. Select Standard Application
  4. Select Next to open the General Details page.

General Details

  1. Review and edit the application's general details:

    • Application Type - Active Directory
    • Application Name - Logical name of the application
    • Description - Description of the application
    • Tags - Select tags for the application from the dropdown list or type a new name. Select Enter to create a tag.
  2. Select an Identity Collector of type Active Directory.

    • You can create identity collectors on the Admin > Identity Collectors page.
  3. Select Next to open the Connection Details page.

Connection Details

  1. Fill in the connection details:

    • Domain Name - FQDN of the domain.

      Warning

      When using the host.yaml file in the virtual appliance, the domain name is case-sensitive.

    • SSL - Select if utilizing SSL. Must be checked to connect with LDAPS. If this is selected, a certificate needs to be provided.

    • Domain NetBIOS Name - The short name of the domain.
    • Base DN - Use Distinguished Name (DN) for field entry. The level in the Active Directory tree from which the crawler will start collecting resource. This field should remain empty unless needed.
    • Username - The following are the types of usernames. In order to connect to Data Access Security, you need to have access to Active Directory. The user cannot be suspended or disabled.
      • samAccountName
      • UPN - If the user is from a different trusted domain.
      • Distinguished Username - (example 'cn=user1, dc=users, dc=example, dc=com')
    • Password - The user's password.
    • Specific Server Connection - Data Access Security will connect dynamically to any of the domain controllers available. To specify a specific domain controller to force all communication, enter the server name into this field.
    • Select Next.

You can now configure and schedule resource discovery.

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.